z/os V2R3 Client Web Enablement Toolkit: More Tools to Transform Your z/os Applications into RESTful Clients the Easy Way
|
|
- Christine Dean
- 6 years ago
- Views:
Transcription
1 z/os V2R3 Client Web Enablement Toolkit: More Tools to Transform Your z/os Applications into RESTful Clients the Easy Way Steve Warren, IBM z/os Client Web Enablement Toolkit Tech Lead August 9, 2017 Company
2 Agenda Overview of Toolkit Basic usage of HTTP Enabler New toolkit features REXX support HTTP streaming send and receive (V2R3) AT-TLS interoperability support Enhanced HTTPS functionality Support for direct HTTP tracing to data sets or zfs files JSON parser performance improvements for very large JSON text Support for the HEAD HTTP request method 2
3 Overview of Toolkit 3
4 z/os serving REST APIs z/os platform has for years been labeled the server of servers and houses much of the world s most critical data. Enhancements to the z/os Web serving space through the years have allowed this mammoth workhorse and repository of data to be more easily accessible to other systems. 4
5 What about z/os as a REST client? Client solutions imbedded in individual products or languages No generic web services or even a JSON parser available in all environments DB2 REST UDF Socket from COBOL HTTP client from Java 5
6 Introducing the z/os Client Web Enablement Toolkit! The z/os client web enablement toolkit provides a set of lightweight application programming interfaces (APIs) to enable traditional, native z/os programs to participate in modern web services applications. Pieces of the toolkit: A z/os HTTP/HTTPS protocol enabler to externalize HTTP and HTTPS client functions in an easyto-use generic fashion for user s in almost any z/os environment A z/os JSON parser which parses JSON coming from any source, builds new JSON text, or adds to existing JSON text. The toolkit allows its two parts to be used independently or combined together. Payload processing is separate from communication processing. The interfaces are intuitive for people familiar with other HTTP enabling APIs or other parsers Easy for newbies 6
7 General programming toolkit environment Runs in just about any address space Code runs in user s address space Supports both authorized and un-authorized callers Easy API suite provided Multi-language support Include files supplied for C, COBOL, PL/I, Assembler, REXX Multi-language samples provided 7
8 z/os HTTP/HTTPS Protocol Enabler Details 8
9 Usage & Invocation z/os HTTP Services Provides similar functionality to existing open-source libcurl HTTP/HTTPS interface Interface is very similar Underlying code is z/os-specific and not ported in any way 9
10 HTTP features supported by toolkit HTTPS connections HTTP cookies management Proxies URI redirection Basic client authentication Chunked encoding 10
11 HTTP Services execution environment Specific requirements for the HTTP portion of the toolkit: Supports task mode, non-cross-memory callers Execution key 1 thru 15 allowed OMVS segment required for address space using HTTP enabler Recovery recommended by caller 11
12 Demo 1 12
13 Demo 2 13
14 Structure of an HTTP Toolkit Application 14
15 Connections / Requests The HTTP/HTTPS enabler portion of the toolkit encompasses two major aspects of a web services application: The connection to a server The request made to that server along with the response it returns 15
16 HTTP Connections A connection is simply a socket (pipeline) between the application and the server. Must be established first before a request can flow to the server. Many options available for connection including: SSL/TLS Local IP address specification IP Stack Timeout values 16
17 Steps to create an HTTP Connection Initialize a connection (HWTHINIT) Obtain workarea storage for the connection Set one or more connection options (HWTHSET) One option at a time Make the actual connection (HWTHCONN) Creates the socket to the specified server 17
18 HTTP Request Overview A client makes an HTTP request to a server (endpoint) This HTTP request will typically be one of these types: GET (read existing resource) PUT (write/update existing resource) POST (write new resource) DELETE (remove existing resource) May send Request Headers May send Request Body (PUT and POST) The endpoint returns an HTTP response Response consists of status (1xx, 2xx, 3xx, 4xx, 5xx) Response headers Response body (most requests) 18
19 HTTP Requests An HTTP request sent over an existing connection Targets a particular resource at the domain established by the connection An HTTP GET, PUT, POST or DELETE is specified as the request method Requests not tightly-coupled to a connection. The same request can be sent over different connections Response callback routines (exits) can be set prior to the request to handle returned response headers and response body. 19
20 Steps to create an HTTP Request Initialize a request (HWTHINIT) Obtain workarea storage for the request Set one or more request options (HWTHSET) One option at a time Send the request over a specified connection (HWTHRQST) Flows the HTTP REST API call over the connection (socket) and then receives the response 20
21 HTTP Connection Details 21
22 Where do I want to connect? REST API specification details the location where the request must target Here are some examples: Google Maps Directions API specifies: Yelp Search API specifies: FAA Airport Service API specifies: 22
23 Format of a URI (URL) in the world of HTTP A Uniform Resource Identifier (URI) is the way a REST API is represented. A simplified syntax of a URI is: scheme://host[:port] [/]path[?query][#fragment] where and how to connect? what is the particular request? Connection portion of URI Request portion of URI scheme HTTP (unencrypted) or HTTPS (encrypted) (optional) host hostname or IPv4 or IPv6 address (e.g. port an optional destination port number (80 is default for HTTP scheme, 443 for HTTPS scheme) path an optional hierarchical form of segments (like a file directory) which represents the resource to perform the HTTP request method against query an optional free-form query string to allow for the passing of parameters fragment an optional identifier providing direction to a secondary resource 23
24 Setting Location of Connection HWTH_OPT_URI (required) valid values are either a v4 or v6 IP address, or hostname Examples: HTTP Scheme is optional HWTH_OPT_PORT (optional) value specifying which remote port number to connect to, instead of the one specified in the URL or the default HTTP or HTTPS port. Default for HTTP is 80 Default for HTTPS is
25 Setting Source Location of Connection HWTH_OPT_IPSTACK Optional value 1 to 8 character z/os TCP/IP stack to be used by the connection Procname of TCP/IP (useful when installation has more than one TCP/IP stack running) HWTH_OPT_LOCALIPADDR Optional outgoing local IP address HWTH_OPT_LOCALPORT Optional outgoing local port Definitions also useful especially when security definitions are in place for specifically defined addresses and ports Application limited by existing security profiles and definitions that are already in effect on the system where the application resides. z/os Communications Server NetAccess, in conjunction with security profiles defined using the SERVAUTH class, can be used to control network access authority, TCP/IP stack access authority, port access authority, and more. 25
26 HTTP Services Proxy Options HWTH_OPT_PROXY set the HTTP proxy to user. Specified the exact same as HWTH_OPT_URI above. HWTH_OPT_PROXYPORT specify the proxy port to connect to. Specified the exact same as HWTH_OPT_PORT above 26
27 Setting other connection options HWTH_OPT_SNDTIMEOUTVAL Sending timeout value HWTH_OPT_RCVTIMEOUTVAL Receiving timeout value HWTH_OPT_HTTP_VERSION which version of HTTP do you want to use over this connection HTTP_VERSION_NONE HTTP_VERSION_1_0 HTTP_VERSION_1_1 27
28 HTTP Services SSL Options SSL support options include: HWTH_OPT_USE_SSL tells toolkit to attempt SSL negotiation explicitly HWTH_OPT_SSLVERSION sets the SSL versions to be supported by this HTTP request. More than one version may be selected. (e.g. TLS1.2, TLS1.1, TLS1.0, SSLv3) HWTH_OPT_SSLKEYTYPE Specifies the manner the key will be supplied to this HTTPS request. The following constants are provided: SSLKEYTYPE_KEYDBFILE key store is specified key database file SSLKEYTYPE_KEYRINGNAME key store is a security product managed keyring. HWTH_OPT_SSLKEY Specifies the value of the key. The value specified depends on the value set by SSLKEYTYPE. For SSLKEYTYPE_KEYDBFILE - represents path and name of the key database file name For SSLKEYTYPE_KEYRINGNAME represents the SAF key ring name or PKCS#11 token HWTH_OPT_SSLKEYSTASHFILE specifies the stash file of the key database file. Only valid if SSLKEYTYPE_KEYDBFILE is specified. Ignored in all other cases. HWTH_OPT_SSLCLIENTAUTHLABEL optional label that represents a client certificate if SSL client authentication is requested by the server. 28
29 HTTP Services Redirect Options Redirect options include: HWTH_OPT_MAX_REDIRECTS maximum number of redirects to follow for a given request. HWTH_OPT_XDOMAIN_REDIRECTS are cross-domain redirects allowed? HWT_OPT_REDIRECT_PROTOCOLS do you allow the HTTP/HTTPS protocol to be upgraded and/or downgraded on a redirect? 29
30 HTTP Services Cookie Options Cookie support options include: HWTH_OPT_COOKIETYPE sets cookie handling type COOKIETYPE_NONE cookie engine not activated COOKIETYPE_SESSION cookie engine enabled cookies automatically sent, but end when connection ends COOKIETYPE_PERSIST - cookie engine enabled cookies automatically sent, cookies saved to output buffer when connection endsin HWTH_OPT_COOKIE_INPUT_BUFFER specifies input cookie data store HWTH_OPT_COOKIE_OUTPUT_BUFFER specifies output cookie location for a cookietype of COOKIETYPE_PERSIST 30
31 Example of establishing a connection Initialize a connection (HWTHINIT) Set one or more connection options (HWTHSET) Connect to the web server (HWTHCONN) 31
32 HTTP Request Details 32
33 What resource and parameters do I want to invoke? REST API specification details the location where the request must target Here are some examples: Google Maps Directions API specifies: Yelp Search API specifies: FAA Airport Service API specifies: 33
34 Format of a URI (URL) in the world of HTTP A Uniform Resource Identifier (URI) is the way a REST API is represented. A simplified syntax of a URI is: scheme://host[:port] [/]path[?query][#fragment] where and how to connect? what is the particular request? Connection portion of URI Request portion of URI scheme HTTP (unencrypted) or HTTPS (encrypted) (optional) host hostname or IPv4 or IPv6 address (e.g. port an optional destination port number (80 is default for HTTP scheme, 443 for HTTPS scheme) path an optional hierarchical form of segments (like a file directory) which represents the resource to perform the HTTP request method against query an optional free-form query string to allow for the passing of parameters fragment an optional identifier providing direction to a secondary resource 34
35 Setting request path, input parameters, method HWTH_OPT_URI (required) The name or resource (URN path portion) of the URI. The query and fragment portions of a URI may also be present. Examples: /systems/z/ /over/here?name=abc#frag1 HWTH_OPT_REQUEST (required) which HTTP CRUD request method does the request want to use HWTH_HTTP_REQUEST_GET HWTH_HTTP_REQUEST_PUT HWTH_HTTP_REQUEST_POST HWTH_HTTP_REQUEST_DELETE 35
36 HTTP Services Chunked encoding Responses with chunked encoding present Toolkit supports the chunked encoding data transfer method (Transferencoding: chunked). Automatically de-chunks data sent from the server using the chunked encoding method. The response body exit does not need to handle the various chunks; rather, the data is delivered to the exit already decoded. If the chunked data contains trailer headers, the header exit will be invoked (once for each trailer header) prior to this routine receiving control. Note: The toolkit ignores chunk extensions 36
37 Other HTTP request options HTTP authorization options: HWTH_OPT_HTTPAUTH Do I want HTTP basic client authentication? HWTH_OPT_USERNAME and HWTH_OPT_PASSWORD must be set if basic client authentication is selected. HTTP request body and response body translate functions HWTH_OPT_TRANSLATE_REQBODY translate request body from EBCDIC to ASCII automatically. HWTH_OPT_TRANSLATE_RESPBODY translate response body from ASCII to EBCDIC automatically. 37
38 Example of establishing a request Initialize a request (HWTHINIT) Set one or more request options (HWTHSET) Send the request to the web server (HWTHRQST) 38
39 Example of initializing a request HandleType = HWTH_HANDLETYPE_REQUEST address hwthttp "hwthinit ", "ReturnCode ", "HandleType ", ReqHandle ", "DiagArea." A request instance has been created. As many request instances as you would like can be created A request is married with a connection at the HWTHRQST API call 39
40 Example of setting some request options /**************************************************************/ /* Set HTTP Request method. */ /* A GET request method is used to get data from the server. */ /**************************************************************/ address hwthttp "hwthset ", "ReturnCode ", "ReqHandle ", "HWTH_OPT_REQUESTMETHOD ", "HWTH_HTTP_REQUEST_GET ", "DiagArea." *****************************************************************/ * Set the request URI */ * Set the URN URI that identifies a resource by name that is */ * the target of our request. */ *****************************************************************/ requestpath = '/airport/status/' airportcode address hwthttp "hwthset ", "ReturnCode ", "ReqHandle ", "HWTH_OPT_URI ", "requestpath ", "DiagArea." All the request options can be set before issuing the HWTHRQST service Once the request is completed, the request options can be altered if desired before next send request service. 40
41 Example of setting a request header acceptjsonheader = 'Accept:application/json' /********************************************************************** /* Create a brand new SList and specify the first header to be an * /* "Accept" header that requests that the server return any response * /* body text in JSON format. * /********************************************************************** address hwthttp "hwthslst ", "ReturnCode ", "ReqHandle ", "HWTH_SLST_NEW ", "SList ", "acceptjsonheader ", "DiagArea. /*******************************************************/ /* Set the request headers with the just-produced list */ /*******************************************************/ address hwthttp "hwthset ", "ReturnCode ", "ReqHandle ", "HWTH_OPT_HTTPHEADERS ", "SList ", "DiagArea." After the first HWTH_SLST_NEW function, specify HWTH_SLIST_APPEND to add more headers to the SLST if desired. 41
42 Example of setting more request options /****************************************************************/ /* Tell the toolkit to translate the body from ASCII to EBCDIC */ /****************************************************************/ address hwthttp "hwthset ", "ReturnCode ", "ReqHandle ", "HWTH_OPT_TRANSLATE_RESPBODY ", "HWTH_XLATE_RESPBODY_A2E ", "DiagArea." /*************************************************/ /* Set the variable for receiving response body */ /*************************************************/ say 'Set HWTH_OPT_RESPONSEBODY_USERDATA for request' address hwthttp "hwthset ", "ReturnCode ", "ReqHandle ", "HWTH_OPT_RESPONSEBODY_USERDATA ", "ResponseBody ", "DiagArea." When the HWTHRQST service completes, the response body will be in EBCDIC. 42
43 Example of finally issuing the REST API call /***********************************/ /* Call the HWTHRQST toolkit api. */ /***********************************/ address hwthttp "hwthrqst ", "ReturnCode ", "ConnHandle ", "ReqHandle ", "HttpStatusCode ", "HttpReasonCode ", "DiagArea." When this API call completes, the request and response have also completed. The final status of the call is returned in the HttpStatusCode (eg. 200) and HttpReasonCode (eg. OK ) Non-REXX Header and Response body exits have already been driven REXX Response Header and Response body variables can be consulted A reset or terminate of the request will wipe out any set values 43
44 z/os Client Toolkit HTTP Language Support Include files and sample programs provided in: C COBOL PL/I Assembler (Include file only) REXX sample delivered via APAR OA50659 on V2R1 and V2R2 44
45 New REXX support details 45
46 New REXX Host Commands for Toolkit Two new host command environments available in REXX HWTJSON HWTHTTP Runs in the following REXX environments: TSO ISPF System REXX z/os UNIX ISV-provided REXX environments How to get the host command environment V2R3 and higher (non-isv-provided environments) host command environments built-in V2R2 and lower (and ISV-provided environments on any release) Host command environment dynamically added by adding hwtcalls( on ) to the REXX exec 46
47 Toolkit REXX Support general syntax HTTP enabler syntax address hwthttp 'service_name returncode service_args... diagnostic_stem.' z/os JSON parser syntax address hwtjson 'service_name returncode service_args... diagnostic_stem.' Host command return code (special variable rc in REXX) should be 0 >0 toolkit service not called, verify command arguments <0 probably an abend code, service may or may not have been called The HTTP enabler require z/os UNIX signals. May wish to issue call syscalls SIGOFF depending on your environment 47
48 New REXX-only toolkit services HWTCONST (get toolkit constants) Initializes pre-defined variables in the current REXX variable pool Useful for using the symbolic names as defined in the documentation (such as checking for return codes, setting a particular option, etc..) address hwthttp hwtconst returncode diag. The variable HWT_CONSTANTS is set to a string containing the names of all the variables set Useful for procedures to expose names (procedure x expose(hwt_constants) ) HWTJESCT (encode/decode escape sequences in JSON text) Transforms non-conforming JSON text (not properly escaped) into conforming JSON text (encode). Decode does the reverse. address hwtjson hwtjesct returncode func srctxt trgtxt diag Where func is either HWTJ_ENCODE or HWTJ_DECODE 48
49 Toolkit service not available in REXX HWTJGNUV (get number value) REXX has no concept of integers or floating point numbers 49
50 Example how to init HTTP connection in REXX HandleType = HWTH_HANDLETYPE_CONNECTION address hwthttp "hwthinit ", "ReturnCode ", "HandleType ", ConnectHandle ", "DiagArea." A connection instance has been created. More than one connection can be initialized per address space (if the user has set his dubbing defaults to dub process) But only one connection can be active at a time in an MVS task (Setup MVS Signals only allows one signal setup to be allowed per process) 50
51 Example how to set connection options in REXX /***********************************************************************/ /* Set URI for connection to the Federal Aviation Administration (FAA) */ /***********************************************************************/ ConnectionUri = ' ReturnCode = -1 DiagArea. = '' address hwthttp "hwthset ", "ReturnCode ", "ConnectHandle ", "HWTH_OPT_URI ", "ConnectionUri ", "DiagArea." /************************************************************************** */ /* Set HWTH_OPT_COOKIETYPE */ /* Enable the cookie engine for this connection. */ /* Any "eligible" stored cookies will be resent to the host on subsequent */ /* interactions automatically. */ /****************************************************************************/ ReturnCode = -1 DiagArea. = '' address hwthttp "hwthset ", "ReturnCode ", "ConnectHandle ", "HWTH_OPT_COOKIETYPE ", "HWTH_COOKIETYPE_SESSION ", "DiagArea." 51
52 Example showing connecting to HTTP server in REXX /**********************************/ /* Call the HWTHCONN toolkit api */ /**********************************/ ReturnCode = -1 DiagArea. = '' address hwthttp "hwthconn ", "ReturnCode ", "ConnectHandle ", "DiagArea." The connection stays persistent from a toolkit perspective Timed-out connections (sockets) will automatically be reconnected at the time of a request if necessary A disconnect, reset or terminate of the connection will disconnect the established connection 52
53 Processing HTTP Response Headers in REXX All HTTP response headers are optionally stored in a REXX stem variable Set the HWTH_OPT_RESPONSEHDR_USERDATA option to the name of the stem variable. Upon return from the HWTHRQST (send request service), the following information is returned regarding the response headers received: the number of response headers received is stored in the.0 stem the name of each response header is stored in the stemname.x stem variable, where x is the from 1 to the number of response headers received. the value for each response header is stored in the stemname.x.1 stem variable, where is x is from 1 to the number of response headers received. 53
54 Sending a Request Body in REXX The main data sent on a PUT or POST method to an HTTP REST server is usually sent in the request body Set the HWTH_OPT_REQUESTBODY option with the simple name of the variable which contains the request body. 54
55 Receiving the Response Body in REXX The main data returned from an HTTP REST server is usually sent as the response body Set the HWTH_OPT_RESPONSEBODY_USERDATA option with the simple name of the variable which will hold the response body data. REXX limitation of 16Mb applies for max response body to be received in REXX 55
56 New HTTP Streaming Support 56
57 Why HTTP Streaming? A matter of size HTTP protocol has no limit on body size Either body may be very large What if a body is so large that it is not feasible to hold it in memory at a given point in time? Awareness of body size HTTP protocol allows for cases when body size is known, allowing its transfer all at once What if the body size is not known up front? HTTP protocol allows for a body to be transferred as an ordered sequence of pieces ( gradually ), allowing for the end of the body to be discovered/conveyed. Transparency Does a user want to understand and handle metadata artifacts which might be required by a gradual body transfer? Can the toolkit (user agent) efficiencies be improved? 57
58 HTTP Enabler capabilities before/after streaming Before all at once Request/Response Body (moderate size) gradual Response Body (moderate size) Toolkit is inefficient in its processing of gradual (chunk-encoded) Response Bodies De-chunks in place using a repeated-shift-left approach Not suitable for larger body sizes After gradual Request Body (any size) all at once Response Body (of arbitrarily large size) gradual Response Body (of arbitrarily large size) 58
59 Sending HTTP Streaming Use Case Need to send an arbitrarily large piece of data to the server (as a request body) Cannot hold all of the data at once in storage Want to spoon-feed moderate-sized pieces of the data to the toolkit Toolkit can chunk-encode it on my behalf (if necessary) as part of the transfer User needs to: Give the data pieces to the toolkit in order Wants flexibility to provide them at varying addresses with varying sizes (since that is how they may be made available to the user) Indicate that s all of my data to the toolkit Tell the toolkit to cancel the remainder of any in-progress send Be notified by the toolkit if anything goes wrong along the way 59
60 Receiving HTTP Streaming Use Case Need to receive an arbitrarily large piece of data from the server (as a response body) May not be able to hold all of the data at once in storage Size may be unpredictable Want the toolkit to spoon-feed the application moderate-sized pieces of the data Data should be devoid of any chunk-encode metadata which the toolkit may have encountered during transfer User expects to: Receive the pieces in order and efficiently written directly into the user s buffers Wants flexibility to provide the buffers at varying addresses with varying sizes Be indicated by the toolkit that s all of my data Tell the toolkit to cancel the remainder of any in-progress receive Be notified by the toolkit if anything goes wrong along the way 60
61 Usage of HTTP Streaming (Send to server) New Streaming Send Exit option settable by HWTHSET If valid exit address is set for HWTH_OPT_STREAM_SEND_EXIT, streaming send will be in effect New Streaming user data option settable by HWTHSET Set HWTH_OPT_REQUESTBODY_USERDATA to provide exit with an optional buffer of user data to be passed to the streamed send callback routine. The toolkit will drive the streaming send exit in a loop to process the data Send exit will specify: address and length of the data buffers to be sent a status value to communicate the state of the data being sent 61
62 Usage of HTTP Streaming (Receive from server) New settable options for Streaming Receive exit and Streaming Receive exit user data Note that the HWTH_OPT_STREAM_RECEIVE_EXIT is mutually exclusive with the existing HWTH_OPT_RESPONSEBODY_EXIT option. The toolkit will drive the streaming receive exit in a loop to process the data Receive exit will specify: address and length of the data buffers to be populated by the data received a status value to communicate the state of the data being received Receive exit is notified when all the data has been received 62
63 Miscellaneous Streaming Notes No REXX support for streaming Data moves minimized as much as possible In some cases, the data is written directly from the socket to the user buffer. Vector list required by Streaming Send exit compatible with the readv() z/os XL C/C++ library function (Read data from a file and store into a set of buffers) Vector list returned in Streaming Receive exit compatible with the writev() z/os XL C/C++ library function (Write data from a set of buffers into a file) 63
64 Streaming samples New streaming samples now available C and COBOL examples provided Illustrate sending a file to a well-known HTTP server and receiving it back Available via APAR OA53922 on V2R3 64
65 AT-TLS / Toolkit Interoperability Support 65
66 HTTP Services AT-TLS / Toolkit Interoperability Application Transparent TLS is basically stack-based TLS TLS process performed in TCP layer (via System SSL) without requiring any application change (transparent) AT-TLS policy specifies which TCP traffic is to be TLS protected based on a variety of criteria Local address, port Remote address, port z/os userid, jobname Time, day, week, month Gives network administrators greater control over the security requirements of network applications rather than individual applications 66
67 HTTP Services AT-TLS / Toolkit Interoperability Toolkit is now AT-TLS aware (with APAR OA50957 installed) Application does not specify SSL/TLS options directly within toolkit application? AT-TLS policy upgrades connection to SSL/TLS? Toolkit will treat the requests over this connection as HTTPS requests All cookies and redirect processing will be now operate as an HTTPS request. AT-TLS policy does not upgrade connection or no policy in effect? Business as usual. Request will operate as HTTP Application specifies SSL/TLS directly within toolkit application? AT-TLS policy upgrades connection to SSL/TLS? Toolkit rejects the request. Network configuration and application are in conflict. AT-TLS policy does not upgrade connection or no policy in effect? Business as usual. SSL/TLS credentials will be specified by the application. If successful handshake, then request will operation as HTTPS. 67
68 Enhanced HTTPS Functionality 68
69 New SSL Cipher Specs support When a secure connection is established, the client and server negotiate the cipher to use for the connection (RFC5246). These ciphers help determine how the data will be encrypted and decrypted. The web server has an ordered list of ciphers, and the first cipher in the list that is supported by the client is selected. New HWTH_OPT_SSLCIPHERSPECS option allows the application to specify a list of 4-character cipher definitions Should be ordered by preference of use Requires HWTH_OPT_USE_SSL option to be set to HWTH_SSL_USE (application-initiated SSL connection) Allows the client application to replace the default list of acceptable cipher specifications with its own list Available in APAR OA53546 on V2R1 and higher 69
70 New SSL TLS 1.2 optimization support Full TLS/SSL handshake (prior to TLS 1.2) High latency Two round-trips required Expensive computation to exchange keys or sign and verify certificates 70
71 New SSL TLS 1.2 optimization support Abbreviated (short) handshake (TLS 1.2) The full handshake is required at least once. The full handshake results in server sending a session ID back to the client. This ID is cached on the server and by the toolkit (client-side) If new request is made to the same server and the connection is no longer there, the toolkit attempts to send this cached session ID as part of the new handshake. If the server accepts this session ID, the server quickly completes the handshake, bypassing most of the full handshake steps. If the server does not accept the session ID, a full handshake will result. SSL Client Client Hello (1) +Session ID Server Hello Change CipherSuite Finished (3) Change CipherSuite Finished (4) SSL Server Verify Session ID (if required) (2) Exchange Messages (5) 71
72 New SSL TLS 1.2 optimization support Available on z/os V2R2 and higher Requires APAR OA53546 to be installed for applicationinitiated SSL connections The toolkit will use the abbreviated handshake whenever it is possible to resume a previously established secure connection. Connections using AT-TLS can also avail themselves of this optimization automatically when running on V2R2 or higher Toolkit optimization will only be available if a connection has not been disconnected. Use cases include: A server times out a connection. A request is then attempted over this timedout connection. A server sends a Connection Closed response header (or fails to specify Keep-Alive (HTTP 1.0)). A request is then attempted over this closed connection. 72
73 HTTP Tracing Output to a DD 73
74 New HTTP tracing to DD support New HWTH_OPT_VERBOSE_OUTPUT option allows specification of a DD where HTTP trace output is to be directed Used in conjunction with the existing HWTH_OPT_VERBOSE option The DD name above must represent either: a pre-allocated traditional z/os data set which is a physical sequential (DSORG=PS) with a record format of unblocked variable (RECFM=V) or Undefined (RECFM=U) and expandable (non-zero primary and secondary extents). The DD must also specify a DISP=OLD disposition. a zfs or HFS file. t: An error occurred: Certificate validation error t: Reason code: 8 t: Return code: -1 t: Service: 22 t: Service Instance: 0 74
75 New HTTP tracing to DD support address hwthttp "hwthset ", "ReturnCode ", "ConnHandle ", "HWTH_OPT_VERBOSE ", "HWTH_VERBOSE_ON ", "DiagArea." tracedd = MYTRACE /* Allocate the data set here */ address hwthttp "hwthset ", "ReturnCode ", "ConnectionHandle ", "HWTH_OPT_VERBOSE_OUTPUT ", "tracedd ", "DiagArea." When a connect, sendrequest or disconnect are issued, detailed trace will be written to the data set specified by the MYTRACE DD. 75
76 JSON parsing performance improvements (large streams) 76
77 Parsing performance improvements for very large JSON No external changes. Very large JSON text streams parse much faster (HWTJPARS) than before z/os JSON parser much smarter about the management of the internal JSON mapping of the JSON text stream. For very large JSON bodies, the internal representation can now span multiple obtained storage areas. Creating new JSON entries (HWTJCREN) occur significantly faster The insertion point for adding an new entry to an object or array is learned significantly faster than before, making insertion orders of magnitude faster than before when there are many entries already in the object or array. 77
78 Support for HEAD HTTP Request Method 78
79 Support for HEAD request method The HEAD method is identical to GET except that the server does not return a message-body in the response. The metadata contained in the HTTP headers in response to a HEAD request will be identical to the information sent in response to a GET HWTHSET can now be invoked using a new constant value HWTH_HTTP_REQUEST_HEAD for setting the HWTH_OPT_REQUESTMETHOD option. 79
80 Where to go for more z/os Client Web Enablement Toolkit information 80
81 Come to the SHARE Lab Writing a z/os application leveraging REST APIs Friday, August 11 th, 8:30am, Room 557 Learn how to write a couple of simple applications which leverage REST APIs Learn the basic functions of the toolkit Learn how to debug a few common problems encountered when invoking a REST API 81
82 Toolkit Reference Materials z/os 2.2 MVS Programming: Callable Services for High-Level Languages Complete toolkit documentation z/os 2.2 MVS System Messages, Volume 6 (GOS IEA) Toolkit message documentation z/os 2.2 MVS System Codes Toolkit abend 04D x documentation 82
83 mainframeinsights.com Search for toolkit 83
84 IBM Systems Magazine (January / February 2016) z/os Client Web Enablement Toolkit Enhances Web Application Availability (pg in hardcopy edition) 84
85 z/os Hot Topics magazine (August 2015) REST easy on z/os Introducing the z/os Client Web Enablement Toolkit (pg ) 85
86 Questions? 86
z/os V2R3 Client Web Enablement Toolkit: More Tools to Transform Your z/os Applications into RESTful Clients the Easy Way
z/os V2R3 Client Web Enablement Toolkit: More Tools to Transform Your z/os Applications into RESTful Clients the Easy Way Steve Warren, IBM z/os Client Web Enablement Toolkit Tech Lead Email: swarren@us.ibm.com
More informationIBM Education Assistance for z/os V2R3
IBM Education Assistance for z/os V2R3 Toolkit REXX support & Toolkit Streaming Send/Receive Element/Component: z/os Client Web Enablement Toolkit 62 2017 IBM Corporation Agenda Trademarks Session Objectives
More informationSeriously? JSON parsing and HTTP services in native z/os? Absolutely! Steve Warren z/os Client Web Enablement Toolkit Technical Lead IBM
Seriously? JSON parsing and HTTP services in native z/os? Absolutely! Steve Warren z/os Client Web Enablement Toolkit Technical Lead IBM Trademarks The following are trademarks of the International Business
More informationJSON and COBOL. Tom Ross Captain COBOL GSE Nordic Reykjavik June 3, 2016
JSON and COBOL Tom Ross Captain COBOL GSE Nordic Reykjavik June 3, 2016 JSON and COBOL What is JSON? IBM products support JSON! Scenarios 2 What is JSON? JavaScript Object Notation JSON is the new XML
More informationLecture 7b: HTTP. Feb. 24, Internet and Intranet Protocols and Applications
Internet and Intranet Protocols and Applications Lecture 7b: HTTP Feb. 24, 2004 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu WWW - HTTP/1.1 Web s application layer protocol
More informationCOMPUTER NETWORKS AND COMMUNICATION PROTOCOLS. Web Access: HTTP Mehmet KORKMAZ
COMPUTER NETWORKS AND COMMUNICATION PROTOCOLS Web Access: HTTP 16501018 Mehmet KORKMAZ World Wide Web What is WWW? WWW = World Wide Web = Web!= Internet Internet is a global system of interconnected computer
More informationU.S. E-Authentication Interoperability Lab Engineer
Using Digital Certificates to Establish Federated Trust chris.brown@enspier.com U.S. E-Authentication Interoperability Lab Engineer Agenda U.S. Federal E-Authentication Background Current State of PKI
More informationProxyCap Help. Table of contents. Configuring ProxyCap Proxy Labs
ProxyCap Help 2016 Proxy Labs Table of contents Configuring ProxyCap The Ruleset panel Loading and saving rulesets Delegating ruleset management The Proxies panel The proxy list view Adding, removing and
More informationThe World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to
1 The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to compromises of various sorts, with a range of threats
More informationCreate Decryption Policies to Control HTTPS Traffic
Create Decryption Policies to Control HTTPS Traffic This chapter contains the following sections: Overview of Create Decryption Policies to Control HTTPS Traffic, page 1 Managing HTTPS Traffic through
More informationForeScout CounterACT. Configuration Guide. Version 3.4
ForeScout CounterACT Open Integration Module: Data Exchange Version 3.4 Table of Contents About the Data Exchange Module... 4 About Support for Dual Stack Environments... 4 Requirements... 4 CounterACT
More informationCall Control Discovery
CHAPTER 3 The call control discovery feature leverages the Service Advertisement Framework (SAF) network service, a proprietary Cisco service, to facilitate dynamic provisioning of inter-call agent information.
More informationBIG-IP Access Policy Manager : Secure Web Gateway. Version 13.0
BIG-IP Access Policy Manager : Secure Web Gateway Version 13.0 Table of Contents Table of Contents BIG-IP APM Secure Web Gateway Overview...9 About APM Secure Web Gateway... 9 About APM benefits for web
More informationConfiguring Health Monitoring
CHAPTER1 This chapter describes how to configure health monitoring on the ACE to track the state of a server by sending out probes. Also referred to as out-of-band health monitoring, the ACE verifies the
More informationFoundations of Python
Foundations of Python Network Programming The comprehensive guide to building network applications with Python Second Edition Brandon Rhodes John Goerzen Apress Contents Contents at a Glance About the
More informationIBM. OA VTAM 3270 Intrusion Detection Services - Overview, Considerations, and Assessment (Prerequisite) z/os Communications Server
z/os Communications Server IBM OA49911 - VTAM 3270 Intrusion Detection Services - Overview, Considerations, and Assessment (Prerequisite) Version 2 Release 2 Note: Links to related publications are from
More informationWhat's New in BCPii in z/os 2.1? Full REXX Support and Faster Data Retrieval Steve Warren
What's New in BCPii in z/os 2.1? Full REXX Support and Faster Data Retrieval Steve Warren swarren@us.ibm.com SHARE Anaheim Session 15048 March 12, 2014 Trademarks The following are trademarks of the International
More informationHP Load Balancing Module
HP Load Balancing Module Load Balancing Configuration Guide Part number: 5998-4218 Software version: Feature 3221 Document version: 6PW100-20130326 Legal and notice information Copyright 2013 Hewlett-Packard
More informationIntercepting Web Requests
This chapter contains the following sections: Overview of, on page 1 Tasks for, on page 1 Best Practices for, on page 2 Web Proxy Options for, on page 3 Client Options for Redirecting Web Requests, on
More informationIntegrating the Hardware Management Console s Broadband Remote Support Facility into your Enterprise
System z Integrating the Hardware Management Console s Broadband Remote Support Facility into your Enterprise SC28-6880-00 System z Integrating the Hardware Management Console s Broadband Remote Support
More informationFinding Support Information for Platforms and Cisco IOS Software Images
First Published: June 19, 2006 Last Updated: June 19, 2006 The Cisco Networking Services () feature is a collection of services that can provide remote event-driven configuring of Cisco IOS networking
More informationConfiguring SSL. SSL Overview CHAPTER
7 CHAPTER This topic describes the steps required to configure your ACE appliance as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination. The topics included in this section are:
More informationEduardo
Eduardo Silva @edsiper eduardo@treasure-data.com About Me Eduardo Silva Github & Twitter Personal Blog @edsiper http://edsiper.linuxchile.cl Treasure Data Open Source Engineer Fluentd / Fluent Bit http://github.com/fluent
More informationBEAAquaLogic. Service Bus. MQ Transport User Guide
BEAAquaLogic Service Bus MQ Transport User Guide Version: 3.0 Revised: February 2008 Contents Introduction to the MQ Transport Messaging Patterns......................................................
More informationReST 2000 Roy Fielding W3C
Outline What is ReST? Constraints in ReST REST Architecture Components Features of ReST applications Example of requests in REST & SOAP Complex REST request REST Server response Real REST examples REST
More informationIBM Education Assistance for z/os V2R1
IBM Education Assistance for z/os V2R1 Items: TLS V1.2 Suite B RFC 5280 Certificate Validation Element/Component: Cryptographic Services - System SSL Material is current as of June 2013 Agenda Trademarks
More informationC22: Browser & Web Server Communication
CISC 3120 C22: Browser & Web Server Communication Hui Chen Department of Computer & Information Science CUNY Brooklyn College 11/01/2017 CUNY Brooklyn College 1 Web Application Architecture Client apps
More informationTransport Level Security
2 Transport Level Security : Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l12, Steve/Courses/2013/s2/css322/lectures/transport.tex,
More informationUsing the Cisco ACE Application Control Engine Application Switches with the Cisco ACE XML Gateway
Using the Cisco ACE Application Control Engine Application Switches with the Cisco ACE XML Gateway Applying Application Delivery Technology to Web Services Overview The Cisco ACE XML Gateway is the newest
More informationMarkLogic Server. Flexible Replication Guide. MarkLogic 9 May, Copyright 2018 MarkLogic Corporation. All rights reserved.
Flexible Replication Guide 1 MarkLogic 9 May, 2017 Last Revised: 9.0-1, May, 2017 Copyright 2018 MarkLogic Corporation. All rights reserved. Table of Contents Table of Contents Flexible Replication Guide
More informationISPW Meta-data + RDz APIs = Accelerated Developer Productivity
RDz User/Customer Experience series ISPW Meta-data + RDz APIs = Accelerated Developer Productivity Jack Lema ISPW Benchmark Technologies August 3, 2010, 4:30 pm 5:30 pm Session 7608 Agenda Who I am / Who
More informationEZZ2672I EZZ2679I. 164 z/os V2R1.0 Communications Server: IP Messages Volume 4 (EZZ, SNM)
EZZ2672I EZZ2679I EZZ2672I See the message explanation. Explanation: This is a TSO NETSTAT IDS option response. This message is displayed only for TSO NETSTAT options in which the TSO user ID profiles
More informationAutomated Sign-on for Mainframe Administrator Guide
Automated Sign-on for Mainframe Administrator Guide 12.5.1 For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy,
More informationHTTPS--HTTP Server and Client with SSL 3.0
The feature provides Secure Socket Layer (SSL) version 3.0 support for the HTTP 1.1 server and HTTP 1.1 client within Cisco IOS XE software. SSL provides server authentication, encryption, and message
More informationConfiguring Cisco Mobility Advantage
CHAPTER 46 This chapter describes how to configure the adaptive security appliance for Cisco Unified Communications Mobility Advantage Proxy features. This chapter includes the following sections: Information
More informationConfiguring SSL CHAPTER
7 CHAPTER This chapter describes the steps required to configure your ACE appliance as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination. The topics included in this section
More informationBEAAquaLogic. Service Bus. Native MQ Transport User Guide
BEAAquaLogic Service Bus Native MQ Transport User Guide Version: 2.6 RP1 Revised: November 2007 Contents Introduction to the Native MQ Transport Advantages of Using the Native MQ Transport................................
More informationRemote Desktop Services. Deployment Guide
Deployment Guide UPDATED: 20 June 2018 Copyright Notices Copyright 2002-2018 KEMP Technologies, Inc. All rights reserved. KEMP Technologies and the KEMP Technologies logo are registered trademarks of KEMP
More informationCSP 1.3: An HTTP-Based Protocol for Parameterized, Aggregated Content
CSP 1.3: An HTTP-Based Protocol for Parameterized, Aggregated Content This document was modified: 9/26/2005 1. Introduction...3 1.1. Motivation and Design Goals...3 1.2. Glossary of Terms...3 2. Protocol
More informationA New Internet? Introduction to HTTP/2, QUIC and DOH
A New Internet? Introduction to HTTP/2, QUIC and DOH and more LACNIC 29 - Panamá May 2018 Jordi Palet (jordi.palet@theipv6company.com) -1 Internet is Changing More and more, Internet traffic is moving
More informationConfiguring the Oracle Network Environment. Copyright 2009, Oracle. All rights reserved.
Configuring the Oracle Network Environment Objectives After completing this lesson, you should be able to: Use Enterprise Manager to: Create additional listeners Create Oracle Net Service aliases Configure
More informationBIG-IP Access Policy Manager : Portal Access. Version 12.1
BIG-IP Access Policy Manager : Portal Access Version 12.1 Table of Contents Table of Contents Overview of Portal Access...7 Overview: What is portal access?...7 About portal access configuration elements...7
More informationApplication Level Protocols
Application Level Protocols 2 Application Level Protocols Applications handle different kinds of content e.g.. e-mail, web pages, voice Different types of content require different kinds of protocols Application
More informationConfiguring SSL. SSL Overview CHAPTER
CHAPTER 8 Date: 4/23/09 This topic describes the steps required to configure your ACE (both the ACE module and the ACE appliance) as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination.
More informationDistributed Systems Exam 1 Review Paul Krzyzanowski. Rutgers University. Fall 2016
Distributed Systems 2015 Exam 1 Review Paul Krzyzanowski Rutgers University Fall 2016 1 Question 1 Why did the use of reference counting for remote objects prove to be impractical? Explain. It s not fault
More informationConfiguring Stickiness
CHAPTER 6 Date: 5/7/09 This section provides information about sticky behavior and procedures for configuring stickiness with the ANM. Sections include: Stickiness Overview, page 6-1 Configuring Sticky
More informationTransport Layer Security
CEN585 Computer and Network Security Transport Layer Security Dr. Mostafa Dahshan Department of Computer Engineering College of Computer and Information Sciences King Saud University mdahshan@ksu.edu.sa
More informationForeScout Open Integration Module: Data Exchange Plugin
ForeScout Open Integration Module: Data Exchange Plugin Version 3.2.0 Table of Contents About the Data Exchange Plugin... 4 Requirements... 4 CounterACT Software Requirements... 4 Connectivity Requirements...
More informationConfiguring Secure Socket Layer HTTP
Finding Feature Information, page 1 Information about Secure Sockets Layer (SSL) HTTP, page 1 How to Configure Secure HTTP Servers and Clients, page 5 Monitoring Secure HTTP Server and Client Status, page
More informationSelf-test TSO/E REXX. Document: e0167test.fm 19/04/2012. ABIS Training & Consulting P.O. Box 220 B-3000 Leuven Belgium
Self-test TSO/E REXX Document: e0167test.fm 19/04/2012 ABIS Training & Consulting P.O. Box 220 B-3000 Leuven Belgium TRAINING & CONSULTING INTRODUCTION TO THE SELF-TEST TSO/E REXX This test will help you
More informationConfiguring Traffic Policies for Server Load Balancing
CHAPTER3 Configuring Traffic Policies for Server Load Balancing This chapter describes how to configure the ACE appliance to use classification (class) maps and policy maps to filter and match interesting
More informationYour password is: firstpw
SHARE Session #9777: WebSphere and Rational Developer Hands-on-Labs Building Java application on System z with RDz Lab exercise (estimate duration) Part 1: Your first Java application on z/os (~35 min).
More informationComputer Networks. Wenzhong Li. Nanjing University
Computer Networks Wenzhong Li Nanjing University 1 Chapter 8. Internet Applications Internet Applications Overview Domain Name Service (DNS) Electronic Mail File Transfer Protocol (FTP) WWW and HTTP Content
More informationIBM Education Assistance for z/os V2R2
IBM Education Assistance for z/os V2R2 Items: OCSP (Online Certificate Status Protocol) PKCS#12 Certificate Keystore Element/Component: System SSL Material current as of May 2015 Agenda Trademarks Presentation
More informationArrayOS APV Release Note
Introduction Release Date: August 3, 2016 This release note summarizes the new features, general enhancements, resolved issues and known limitations for ArrayOS APV 8.6.0.30. Contacting Customer Support
More informationSIP Compliance APPENDIX
APPENDIX E This appendix describes Cisco SIP proxy server (Cisco SPS) compliance with the Internet Engineering Task Force (IETF) definition of Session Initiation Protocol (SIP) as described in the following
More informationDEPLOYMENT GUIDE DEPLOYING F5 WITH ORACLE ACCESS MANAGER
DEPLOYMENT GUIDE DEPLOYING F5 WITH ORACLE ACCESS MANAGER Table of Contents Table of Contents Introducing the F5 and Oracle Access Manager configuration Prerequisites and configuration notes... 1 Configuration
More informationRelease Notes for Snare Enterprise Agent for MSSQL Release Notes for Snare Enterprise Agent for MSSQL v1.2/1.3
Release Notes for Snare Enterprise Agent for v1.2/1.3 InterSect Alliance International Pty Ltd Page 1 of 19 About this document This document provides release notes for the Snare Enterprise Agent for version
More informationCSP 1.4: An HTTP-Based Protocol for Parameterized, Aggregated Content
CSP 1.4: An HTTP-Based Protocol for Parameterized, Aggregated Content This document was modified: 6/25/2007 1. Introduction... 3 1.1. Motivation and Design Goals... 3 1.2. Glossary of Terms... 3 2. Protocol
More informationSAP Web Dispatcher 6.40 for SAP Web AS Java. Jochen Rundholz NW RIG APA
SAP Web Dispatcher 6.40 for SAP Web AS Java Jochen Rundholz NW RIG APA RIG Know How Conf Calls Please: All participants will be muted Questions in the Q&A section at the end Important issues via WebEx
More informationImplementing Data Masking and Data Subset with IMS Unload File Sources
Implementing Data Masking and Data Subset with IMS Unload File Sources 2014 Informatica Corporation. No part of this document may be reproduced or transmitted in any form, by any means (electronic, photocopying,
More informationVM File Systems Overview
Session 9353 / 9394 VM File Systems Overview Alan Altmark IBM Corporation Endicott, New York Copyright IBM Corporation, 1998, 1999 Page 1 Disclaimer This presentation provides a comparison and contrast
More informationIBM. SMF 119 TCP connection termination record (subtype 2) enhanced to provide IP filter information. z/os Communications Server. Version 2 Release 2
z/os Communications Serer IBM SMF 119 TCP connection termination record (subtype 2) enhanced to proide IP filter information Version 2 Release 2 Note: Links to related publications are from original documents
More informationIntegrating a directory server
Integrating a directory server Knox Manage provides a directory service that integrates a client's directory server through a Lightweight Directory Access Protocol (LDAP)-based Active Directory service
More informationBIG-IP Access Policy Manager : Portal Access. Version 13.0
BIG-IP Access Policy Manager : Portal Access Version 13.0 Table of Contents Table of Contents Overview of Portal Access...7 Overview: What is portal access?...7 About portal access configuration elements...
More informationProtocol Compliance Statements for the CSG2
APPENDIXC This appendix provides protocol compliance statements for the CSG2. Any RFCs that are not explicitly listed are not supported. Layer 4 Inspection (parse protocol=other) The Cisco Content Services
More informationA New Internet? RIPE76 - Marseille May Jordi Palet
A New Internet? RIPE76 - Marseille May 2018 Jordi Palet (jordi.palet@theipv6company.com) -1 (a quick) Introduction to HTTP/2, QUIC and DOH and more RIPE76 - Marseille May 2018 Jordi Palet (jordi.palet@theipv6company.com)
More informationCisco IOS HTTP Services Command Reference
Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION
More informationRemote Access VPN. Remote Access VPN Overview. Licensing Requirements for Remote Access VPN
Remote Access virtual private network (VPN) allows individual users to connect to your network from a remote location using a laptop or desktop computer connected to the Internet. This allows mobile workers
More informationRelease Notes for Epilog for Windows Release Notes for Epilog for Windows v1.7
Release Notes for Epilog for Windows v1.7 InterSect Alliance International Pty Ltd Page 1 of 16 About this document This document provides release notes for Snare Enterprise Epilog for Windows release.
More informationAPIs Economy for Mainframe Customers: A new approach for modernizing and reusing mainframe assets
Contact us: ZIO@hcl.com APIs Economy for Mainframe Customers: A new approach for modernizing and reusing mainframe assets www.zio-community.com Meet Our Experts and Learn the Latest News Copyright 2018
More informationCNIT 129S: Securing Web Applications. Ch 3: Web Application Technologies
CNIT 129S: Securing Web Applications Ch 3: Web Application Technologies HTTP Hypertext Transfer Protocol (HTTP) Connectionless protocol Client sends an HTTP request to a Web server Gets an HTTP response
More informationRemote Desktop Services Deployment Guide
Deployment Guide VERSION: 10.0 UPDATED: July 2017 Copyright Notices Copyright 2002-2017 KEMP Technologies, Inc. All rights reserved. KEMP Technologies and the KEMP Technologies logo are registered trademarks
More informationUnderstanding Traffic Decryption
The following topics provide an overview of SSL inspection, describe the prerequisites for SSL inspection configuration, and detail deployment scenarios. Traffic Decryption Overview, page 1 SSL Handshake
More informationCSE 333 Lecture HTTP
CSE 333 Lecture 19 -- HTTP Hal Perkins Paul G. Allen School of Computer Science & Engineering University of Washington Administrivia HW4 due a week from Thursday - How s it look? Today: http; finish networking/web
More informationHow to Configure Authentication and Access Control (AAA)
How to Configure Authentication and Access Control (AAA) Overview The Barracuda Web Application Firewall provides features to implement user authentication and access control. You can create a virtual
More informationImplementing Data Masking and Data Subset with IMS Unload File Sources
Implementing Data Masking and Data Subset with IMS Unload File Sources 2013 Informatica Corporation. No part of this document may be reproduced or transmitted in any form, by any means (electronic, photocopying,
More informationRKN 2015 Application Layer Short Summary
RKN 2015 Application Layer Short Summary HTTP standard version now: 1.1 (former 1.0 HTTP /2.0 in draft form, already used HTTP Requests Headers and body counterpart: answer Safe methods (requests): GET,
More informationCOBOL for AIX, Version 4.1
software Application development for today s changing marketplace COBOL for AIX, Version 4.1 To remain competitive, you need a complete business strategy to help you modernize, integrate, and manage existing
More informationSession 8. Reading and Reference. en.wikipedia.org/wiki/list_of_http_headers. en.wikipedia.org/wiki/http_status_codes
Session 8 Deployment Descriptor 1 Reading Reading and Reference en.wikipedia.org/wiki/http Reference http headers en.wikipedia.org/wiki/list_of_http_headers http status codes en.wikipedia.org/wiki/_status_codes
More informationSecurity zsecure Service Stream Enhancement for PCI-DSS support Version Documentation updates for User Reference Manual for Top Secret
Security zsecure Serice Stream Enhancement for PCI-DSS support Version 2.1.0 Documentation updates for User Reference Manual for Top Secret Security zsecure Serice Stream Enhancement for PCI-DSS support
More informationNETWORK PACKET ANALYSIS PROGRAM
NETWORK PACKET ANALYSIS PROGRAM Duration: 3 days (21 hours) Mode: 1. Instructor Led Class room Training and Labs 2. Online In this hands-on course, you will receive in-depth training on Protocol analysis
More informationError Transferring File Server Returned Http Response Code 407 For Url
Error Transferring File Server Returned Http Response Code 407 For Url HTTP 1.1 has a number of response codes which are sent from the server to inform Code 200 specifically means that a URL/URI points
More informationConfiguring Secure Socket Layer HTTP
This feature provides Secure Socket Layer (SSL) version 3.0 support for the HTTP 1.1 server and HTTP 1.1 client within Cisco IOS software. SSL provides server authentication, encryption, and message integrity
More information04 Webservices. Web APIs REST Coulouris. Roy Fielding, Aphrodite, chp.9. Chp 5/6
04 Webservices Web APIs REST Coulouris chp.9 Roy Fielding, 2000 Chp 5/6 Aphrodite, 2002 http://www.xml.com/pub/a/2004/12/01/restful-web.html http://www.restapitutorial.com Webservice "A Web service is
More informationConfiguring Virtual Servers
3 CHAPTER This section provides an overview of server load balancing and procedures for configuring virtual servers for load balancing on an ACE appliance. Note When you use the ACE CLI to configure named
More informationWeb as a Distributed System
Web as a Distributed System The World Wide Web is a large distributed system. In 1998 comprises 70-75% of Internet traffic. With large transfers of streaming media and p2p, no longer a majority of bytes,
More informationProtocol Compliance Statements for the CSG2
APPENDIXJ This appendix provides protocol compliance statements for the CSG2. Any RFCs that are not explicitly listed are not supported. Layer 4 Inspection (parse protocol=other) The Cisco Content Services
More informationIBM Systems and Technology Group
IBM Systems and Technology Group Encryption Facility for z/os Update Steven R. Hart srhart@us.ibm.com 2013 IBM Corporation Topics Encryption Facility for z/os EF OpenPGP Support X.509 vs. OpenPGP Certificates
More informationContainer-Native Applications
Container-Native Applications Security, Logging, Tracing Matthias Fuchs, @hias222 DOAG 2018 Exa & Middleware Days, 2018/06/19 Microservice Example Flow Oracle Cloud Details Logging Security, OAuth, TLS
More informationOracle API Gateway Release Notes
Oracle API Gateway 11.1.2.4.0 Release Notes Document version: 29 October 2015 New features and enhancements Fixed problems Known issues ALERT: See the Known Issues section for important post-install steps
More informationAdvOSS AAA: Architecture, Call flows and implementing emerging business use cases
AdvOSS AAA: Architecture, Call flows and implementing emerging business use cases An AdvOSS White Paper Latest version of this white paper can always be found at http://advoss.com/resources/whitepapers/advoss-aaa-workflows.pdf
More informationHTTPS File Transfer. Specification
HTTPS File Transfer Specification Version 1.4 5-Apr-2017 Date Version Description 30-Aug-2010 1.0 Original Version 30-Jun-2011 1.1 Added FAQ 29-Jun-2015 1.2 ilink administration added 1-Sep-2015 1.3 Updated
More informationHTTPS--HTTP Server and Client with SSL 3.0
The feature provides Secure Socket Layer (SSL) version 3.0 support for the HTTP 1.1 server and HTTP 1.1 client within Cisco IOS software. SSL provides server authentication, encryption, and message integrity
More informationSimple BCPii Programming for the z/os System Programmer Steve Warren, IBM Corporation
Session 09865 Simple BCPii Programming for the z/os System Programmer Steve Warren, IBM Corporation Agenda BCPii quick overview BCPii installation overview Quick BCPii z/os 1.13 Update BCPii Programming
More informationFailover Configuration Bomgar Privileged Access
Failover Configuration Bomgar Privileged Access 2017 Bomgar Corporation. All rights reserved worldwide. BOMGAR and the BOMGAR logo are trademarks of Bomgar Corporation; other trademarks shown are the property
More informationIBM Security Access Manager Version January Federation Administration topics IBM
IBM Security Access Manager Version 9.0.2.1 January 2017 Federation Administration topics IBM IBM Security Access Manager Version 9.0.2.1 January 2017 Federation Administration topics IBM ii IBM Security
More informationConfiguring Secure Socket Layer HTTP
Finding Feature Information, page 1 Information about Secure Sockets Layer (SSL) HTTP, page 1 How to Configure Secure HTTP Servers and Clients, page 4 Monitoring Secure HTTP Server and Client Status, page
More informationJava interoperability
Java interoperability 2007 IBM Corporation Martina Schmidt Agenda z/os data access MVS datasets VSAM HFS files MVS console communication MVS commands WTO Automation, event monitoring Security interfaces
More informationFtp Secure Connection Error Return Code 23
Ftp Secure Connection Error Return Code 23 Sending the FTP server code 230 should establish a connection like it does when using the and if you get it call perror() or print an error made up with strerror(),
More information